User manual

LinkMAX
HSA300 User Manual
8 Configuring Network Address Translation
This chapter provides an overview of Network Address Translation
(NAT) and instructions for modifying the default configuration on
your device.
Overview of NAT
Network Address Translation is a method for disguising the private
IP addresses you use on your LAN as the public IP address you
use on the Internet. You define NAT rules that specify exactly how
and when to translate between public and private IP addresses.
Definitions
A private IP address is created by a network administrator for use
only on a LAN, whereas a public IP address is purchased from the
Internet Corporation for Assigned Names and Numbers (ICANN)
for use on the Internet. Typically, your ISP provides a public IP
address for your entire LAN, and you define the private addresses
for computers on your LAN.
In a typical NAT setup, your ISP provides you with a single public IP
address to use for your entire network. Then, you assign each
computer on your LAN a unique private IP address. (Or, you define
a pool of private IP addresses for dynamic assignment to your
computers, as described in Chapter 7.) On HSA300, you set up a
NAT rule to specify that whenever one of your computers
communicates with the Internet (that is, sends and receives IP
data packets), its private IP address, which is referenced in each
packet, is replaced by the LAN’s public IP address.
Definitions
An IP data packet contains bits of data bundled together in a
specific format for efficient transmission over the Internet. Such
packets are the building blocks of all Internet communication. Each
packet contains header information that identifies the IP address of
the computer that initiates the communication (the source IP
address), the port number that the router associates with that
computer (the source port number), the IP address of the
targeted Internet computer (the destination IP address), and other
information.
When this type of NAT rule is applied, because the source IP
address is swapped out, it appears to other Internet computers as if
the data packets are actually originating from the computer
assigned your public IP address (in this case, HSA300).
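The translation described in this chapter, modelled as an added example (this is not LinkMAX code or HSA300 firmware). It goes slightly beyond the paragraph above by also rewriting the source port and mapping reply packets back to the LAN; the class and function names and all addresses are constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatTable:
    """Simplified model: real NAT also tracks protocol, remote peer and timeouts."""

    def __init__(self, public_ip: str, first_port: int = 50000):
        self.public_ip = public_ip
        self.next_port = first_port   # next disguised source port to hand out
        self.by_private = {}          # (private ip, port) -> disguised port
        self.by_public = {}           # disguised port -> (private ip, port)

    def outbound(self, pkt: Packet) -> Packet:
        """LAN -> Internet: swap the private source for the public one."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.by_private:
            if self.next_port > 65535:
                raise RuntimeError("no free public ports left")
            self.by_private[key] = self.next_port
            self.by_public[self.next_port] = key
            self.next_port += 1
        return replace(pkt, src_ip=self.public_ip, src_port=self.by_private[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> LAN: restore the private destination, if one is known."""
        key = self.by_public.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or key is None:
            return None  # no table entry, so there is no LAN host to deliver to
        return replace(pkt, dst_ip=key[0], dst_port=key[1])


def demo():
    # Constructed addresses: 192.168.1.x is the LAN, 203.0.113.10 the public IP.
    nat = NatTable("203.0.113.10")
    a = nat.outbound(Packet("192.168.1.20", 3345, "198.51.100.7", 80))
    b = nat.outbound(Packet("192.168.1.21", 3345, "198.51.100.7", 80))
    reply = nat.inbound(Packet("198.51.100.7", 80, a.src_ip, a.src_port))
    stray = nat.inbound(Packet("198.51.100.99", 4444, "203.0.113.10", 50002))
    return a, b, reply, stray
```

Two LAN hosts that happen to use the same source port receive different public ports, which is what lets the reply be matched to the right private address.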
The NAT rule could further be defined to disguise the source port in
the data packet (i.e., change it to another number), so that outside
computers will not be able to determine the actual port from which
the packet originated. Data packets that arrive in response contain
the public IP address as the destination IP address and the
disguised source port number. HSA300 changes the IP address